List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

A command-line tool to get valuable information out of AWS CloudTrail

AWS Auditing & Hardening Tool

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.

Deploy an high available K3s cluster on Amazon AWS

Terraform module to provision an AWS CloudTrail and an encrypted S3 bucket with versioning to store CloudTrail logs

Retrospectively tag AWS resources so you can work out who created them

Parse AWS CloudTrail events and send alerts to Slack for events that match pre-configured rules

A serverless, event-driven AWS configuration collection service with configuration versioning.

Several bundled Graylog plugins to integrate with different AWS services like CloudTrail and FlowLogs.

A command line utility that allows you to stream data from multiple S3 objects directly into your terminal

Adaptive AWS Zero Trust Policy made easy: Auto-generate least-privilege policies based on user activity in real time! Accelerate the adoption of smart access control

S3 bucket with built in IAM policy to allow CloudTrail logs

Advanced AWS Security Automation Resources: Used by Udemy Course 🎓

AWS support tickets aggregation service

Publicly-listed AWS account IDs for easy lookup. Great for cleaning up false positives from unknown Account IDs in Cloudtrail

Easily export AWS CloudTrail events to ElasticSearch

Cloudtrail Log Analytics using Amazon Elasticsearch Service - AWS Serverless Application

Serverless Platform for Enhanced Insights from CloudTrail Logs

Detect AWS usage anomalies in near-real time using OpenSearch Anomaly Detection and CloudTrail for improved cost management and security